Millions of brand new Android smartphones manufactured by Honor, Huawei, Xiaomi, OPPO, Vivo, Samsung and GIONEE have been infected with pre-installed malware.

The malware has been added to the phones somewhere along the supply chain and is disguised as a 'System Wi-Fi service', according to the The Hacker News.

Dubbed RottenSys the malware pushes adware to infected devices and then displays advertisements on the device’s home screen either as pop-up windows or full-screen ads.

This generates fraudulent ad-revenues for the malware creators each time users click on the ad.
According to security researchers, in the past 10 days the ads have appeared on devices over 13 million times. This in turn has resulted in over half a million click-throughs which has generated $115,000.

Sinister and damaging

However, apparently the malware also has a much more sinister and damaging element to it.

Security researchers say RottenSys has been designed to download and install new components so the attackers can weaponise or take full control over the millions of infected devices.

There is already some evidence that the attackers have started turning millions of these infected devices into a massive botnet network.

Some infected devices have also been found with a new RottenSys component that enables attackers to silently install additional apps, among other things.

BullGuard protects your devices from spies and malware

TRY NOW FOR FREE - 90 DAYS
 

How to get rid of RottenSys

To check if your device is infected with this malware, go to Android system settings and then App Manager.

You can then look for the following possible malware package names:
  • com.android.yellowcalendarz
  • com.changmi.launcher
  • com.android.services.securewifi
  • com.system.service.zdsgt

Some of these ‘app’ names may also have Chinese characters. If any of the above are in your installed apps list, simply uninstall it.

Also consider using BullGuard Mobile Security. It provides smart protection for your Android smartphone or tablet against all types of malware and you can download it a for FREE. It also stops spam and includes antitheft tools.